
37 matches found

Snyk
added 2025/11/24 4:24 p.m. | 1 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8 CVSS | 6.8 AI score
Exploits 0 | References 3

The Hacker News
added 2025/02/01 3:22 a.m. | 16 views

Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts

Cybersecurity researchers have discovered a malvertising campaign that's targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials. "These malicious ads, appearing on Google Search, are designed to steal the logi...

7.5 AI score
Exploits 0

CVE
added 2024/11/14 7:7 p.m. | 57 views

CVE-2024-10394

CVE-2024-10394 describes a local vulnerability in OpenAFS where an attacker can bypass the PAG throttling on Unix clients, allowing the creation of a PAG with an existing id and potentially stealing credentials in that PAG. Multiple connected advisories confirm the issue affects OpenAFS and outli...

8.4 CVSS | 5.8 AI score | 0.00015 EPSS
Exploits 0 | References 3 | Affected Software 1

Github Security Blog
added 2024/05/13 7:59 p.m. | 27 views

NocoDB Vulnerable to Stored Cross-Site Scripting in Formula.vue

Summary: A stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. Details: The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are processed by the function replaceUrlsWithLink. This function...

7.6 CVSS | 6.7 AI score | 0.01788 EPSS
Exploits 1 | References 4 | Affected Software 1

The Hacker News
added 2024/04/17 1:32 p.m. | 51 views

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the...

7.4 AI score
Exploits 0

CNVD
added 2023/08/31 12:0 a.m. | 25 views

Webmin Usermin Cross-Site Scripting Vulnerability

Webmin Usermin is a web-based interface from Webmin Inc., used for webmail, password change, mail filters, fetchmail and more. A cross-site scripting vulnerability exists in Webmin Usermin version 2.001. The vulnerability stems from the application's lack of effective filtering and escaping of...

5.4 CVSS | 6.4 AI score | 0.00142 EPSS
Exploits 0 | References 1

Packet Storm
added 2023/06/28 12:0 a.m. | 220 views

NewsLetter Script 2.4 Cross Site Scripting


7.1 AI score
Exploits 0

The Hacker News
added 2023/06/27 10:32 a.m. | 34 views

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. "The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking...

7.3 AI score
Exploits 0

Packet Storm
added 2023/06/19 12:0 a.m. | 272 views

Coursela Personal Course Selling Website 1.0 Cross Site Scripting


7.1 AI score
Exploits 0

OSV
added 2022/08/30 7:52 p.m. | 4 views

MAL-2022-7422 Malicious code in browserdiv (PyPI)

Source: ghsa-malware 43d909b99ddbd5a0479c4671e7f271aab4a36a3005ec51db963d79b50a324667. Security researchers at Check Point Research discovered a malicious package called browserdiv that intended to steal credentials by collecting and sendin...

7 AI score
Exploits 0 | References 3

Hacker One
added 2022/07/08 3:42 a.m. | 57 views

Internet Bug Bounty: CVE-2022-32213 - HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding

Original Report: https://hackerone.com/reports/1524555 Impact: Depending on the specific web application, HRS can lead to cache poisoning, bypassing of security layers, stealing of credentials and so on...

6.4 CVSS | 7.3 AI score | 0.86318 EPSS
Exploits 1

Hacker One
added 2022/07/08 3:41 a.m. | 73 views

Internet Bug Bounty: CVE-2022-32215 - HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding

Original Report: https://hackerone.com/reports/1501679 Impact: Depending on the specific web application, HRS can lead to cache poisoning, bypassing of security layers, stealing of credentials and so on...

6.4 CVSS | 7.3 AI score | 0.86472 EPSS
Exploits 1

Huntr
added 2021/12/12 6:1 a.m. | 15 views

Cross-site Scripting (XSS) - Stored in snipe/snipe-it

Description: Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a differen...

4.3 CVSS | 0.00225 EPSS
Exploits 1

Hacker One
added 2020/11/12 3:50 a.m. | 14 views

Engel & Völkers Technology GmbH: CSS-Reflected

Summary: Cross Site Scripting reflected. Steps To Reproduce: This POC is on how to redirect user to the malicious website to steal credentials or any sensitive information. 1. How the request has been intercepted F1074840 2. What was the Response Rendered F1074843 or F1074850 3. Which tools are used: ...

1.4 AI score
Exploits 0

Github Security Blog
added 2020/09/03 5:1 p.m. | 15 views

Malicious Package in smartsearchwp

All versions of smartsearchwp contain malicious code. The package is malware intended to steal credentials from websites it is loaded in. It traverses DOM elements looking for fields such as username and password and uploads it to a remote server. The package also port-scans the local gateway and...

2.4 AI score
Exploits 0 | References 2 | Affected Software 1

Prion
added 2019/11/25 11:15 a.m. | 30 views

Authorization

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

4.3 CVSS | 5.7 AI score | 0.0041 EPSS
Exploits 0 | References 3 | Affected Software 3

Packet Storm
added 2019/09/29 12:0 a.m. | 374 views

GFI Kerio Control 9.3.0 Cross Site Scripting

DOM based XSS in Kerio Control Firewalls v9.3.0 - CVE-2019-16414 - Finder: Michael Eissele - Description: character encoding i.e. quote, \x22 allows to bypass input filter, opening up for DOM based XSS. - PoC Link to include exploit:...

0.1 AI score | 0.00405 EPSS
Exploits 2

Node.js
added 2019/06/20 1:0 a.m. | 11 views

Malicious Package

Overview: All versions of smartsearchwp contain malicious code. The package is malware intended to steal credentials from websites it is loaded in. It traverses DOM elements looking for fields such as username and password and uploads it to a remote server. The package also port-scans the local...

7 AI score
Exploits 0 | Affected Software 1

ThreatPost
added 2019/04/24 1:0 p.m. | 57 views

Latest Qbot Variant Evades Detection, Infects Thousands

Qbot, an information-stealing trojan that has been around for 10 years, has resurfaced again with a new phishing-based infection technique that is able to evade anti-spam defenses. Varonis Security Research spotted the fresh global Qbot campaign in March. Researchers said they have positively...

0.4 AI score
Exploits 0 | References 8

Packet Storm
added 2019/02/26 12:0 a.m. | 57 views

DomainMOD 4.11.01 Registrar Cross Site Scripting

Exploit Title : DomainMOD 4.11.01 and before - Registrar Cross-Site Scripting Author Discovered By : Mohammed Abdul Raheem Company Name : TrekShield IT Solutions Date : 04-12-2019 Vendor Homepage : https://domainmod.org/ Software Information Link : https://github.com/DomainMod/DomainMod Software...

3.5 CVSS | 5.5 AI score | 0.00236 EPSS
Exploits 6